CVE-2009-1173

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.

Published: Mar 31, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-1173
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
ibm / websphere_application_server	7.0	7.0.x
ibm / websphere_application_server	7.0.0.1	7.0.0.1.x

http://secunia.com/advisories/34131
http://secunia.com/advisories/34461
http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
http://www-01.ibm.com/support/docview.wss?uid=swg27014463
http://www.securityfocus.com/bid/34259
http://www.vupen.com/english/advisories/2009/0854

Vulnerability Database

290,020

CVE-2009-1173